Browse Source

Move MySQL settings out of puppet/controller.yaml

This moves the config settings out of controller.yaml for MySQL
and into puppet/services/database/mysql.yaml.

The top leve MysqlRootPassword is still maintained by default
in overcloud.yaml so that users who upgrade won't get
broken. New users may optionally specify the MysqlRootPassword
as a parameter instead which will take priority over the top
level generated parameter.

We drop the top level MysqlClusterUniquePart because it is no
longer used (I think it was a remnant from t-i-e).

Related-Bug: #1604414

Change-Id: I06ebac0f4c87dabfccefb2e550a64650868c5b26
changes/05/356505/10
Dan Prince 6 years ago
parent
commit
58bf3932a8
  1. 3
      default_passwords.yaml
  2. 9
      overcloud.yaml
  3. 60
      puppet/controller.yaml
  4. 34
      puppet/services/database/mysql.yaml
  5. 10
      puppet/services/pacemaker/database/mysql.yaml

3
default_passwords.yaml

@ -5,8 +5,6 @@ description: Passwords we manage at the top level
parameters:
DefaultMysqlRootPassword:
type: string
DefaultMysqlClusterPassword:
type: string
DefaultRabbitCookie:
type: string
DefaultHeatAuthEncryptionKey:
@ -21,7 +19,6 @@ outputs:
description: Password data
value:
mysql_root_password: {get_param: DefaultMysqlRootPassword}
mysql_cluster_password: {get_param: DefaultMysqlClusterPassword}
rabbit_cookie: {get_param: DefaultRabbitCookie}
heat_auth_encryption_key: {get_param: DefaultHeatAuthEncryptionKey}
pcsd_password: {get_param: DefaultPcsdPassword}

9
overcloud.yaml

@ -399,15 +399,12 @@ resources:
controllerExtraConfig: {get_param: controllerExtraConfig}
HeatAuthEncryptionKey: {get_resource: HeatAuthEncryptionKey}
HorizonSecret: {get_resource: HorizonSecret}
MysqlClusterUniquePart: {get_attr: [MysqlClusterUniquePart, value]}
MysqlRootPassword: {get_attr: [MysqlRootPassword, value]}
PcsdPassword: {get_resource: PcsdPassword}
RabbitCookie: {get_attr: [RabbitCookie, value]}
RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]}
RedisVirtualIPUri: {get_attr: [RedisVirtualIP, ip_address_uri]}
ServiceNetMap: {get_attr: [ServiceNetMap, service_net_map]}
EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_attr: [ServiceNetMap, service_net_map, MysqlNetwork]}]}
Hostname:
str_replace:
template: {get_param: ControllerHostnameFormat}
@ -612,11 +609,6 @@ resources:
properties:
length: 10
MysqlClusterUniquePart:
type: OS::Heat::RandomString
properties:
length: 10
RabbitCookie:
type: OS::Heat::RandomString
properties:
@ -627,7 +619,6 @@ resources:
type: OS::TripleO::DefaultPasswords
properties:
DefaultMysqlRootPassword: {get_attr: [MysqlRootPassword, value]}
DefaultMysqlClusterPassword: {get_attr: [MysqlClusterUniquePart, value]}
DefaultRabbitCookie: {get_attr: [RabbitCookie, value]}
DefaultHeatAuthEncryptionKey: {get_attr: [HeatAuthEncryptionKey, value]}
DefaultPcsdPassword: {get_attr: [PcsdPassword, value]}

60
puppet/controller.yaml

@ -4,10 +4,6 @@ description: >
OpenStack controller node configured by Puppet.
parameters:
AdminPassword:
description: The password for the keystone admin account, used for monitoring, querying neutron etc.
type: string
hidden: true
AodhPassword:
description: The password for the aodh services.
type: string
@ -47,10 +43,6 @@ parameters:
default: false
description: Whether to enable fencing in Pacemaker or not.
type: boolean
EnableGalera:
default: true
description: Whether to use Galera instead of regular MariaDB.
type: boolean
EnableLoadBalancer:
default: true
description: Whether to deploy a LoadBalancer on the Controller
@ -149,31 +141,6 @@ parameters:
default: false
description: Whether IPtables rules should be purged before setting up the new ones.
type: boolean
MysqlClusterUniquePart:
description: A unique identifier of the MySQL cluster the controller is in.
type: string
default: 'unset' # Has to be here because of the ignored empty value bug
# Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
# constraints:
# - length: {min: 4, max: 10}
MysqlInnodbBufferPoolSize:
description: >
Specifies the size of the buffer pool in megabytes. Setting to
zero should be interpreted as "no value" and will defer to the
lower level default.
type: number
default: 0
MysqlMaxConnections:
description: Configures MySQL max_connections config setting
type: number
default: 4096
MysqlClustercheckPassword:
type: string
hidden: true
MysqlRootPassword:
type: string
hidden: true
default: '' # Has to be here because of the ignored empty value bug
NeutronMetadataProxySharedSecret:
description: Shared secret to prevent spoofing
type: string
@ -251,9 +218,6 @@ parameters:
type: string
description: Nova Compute upgrade level
default: ''
MysqlVirtualIP:
type: string
default: ''
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
@ -485,25 +449,14 @@ resources:
haproxy_stats_user: {get_param: HAProxyStatsUser}
heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
horizon_secret: {get_param: HorizonSecret}
admin_password: {get_param: AdminPassword}
debug: {get_param: Debug}
keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
enable_fencing: {get_param: EnableFencing}
enable_galera: {get_param: EnableGalera}
enable_load_balancer: {get_param: EnableLoadBalancer}
manage_firewall: {get_param: ManageFirewall}
purge_firewall_rules: {get_param: PurgeFirewallRules}
mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
mysql_max_connections: {get_param: MysqlMaxConnections}
mysql_root_password: {get_param: MysqlRootPassword}
mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
mysql_cluster_name:
str_replace:
template: tripleo-CLUSTER
params:
CLUSTER: {get_param: MysqlClusterUniquePart}
neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
@ -569,8 +522,6 @@ resources:
redis_vip: {get_param: RedisVirtualIP}
sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
mysql_virtual_ip: {get_param: MysqlVirtualIP}
ceph_cluster_network:
get_attr:
- NetIpMap
@ -680,17 +631,6 @@ resources:
# MongoDB
mongodb::server::bind_ip: {get_input: mongo_db_network}
# MySQL
admin_password: {get_input: admin_password}
enable_galera: {get_input: enable_galera}
mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
mysql_max_connections: {get_input: mysql_max_connections}
mysql::server::root_password: {get_input: mysql_root_password}
mysql_clustercheck_password: {get_input: mysql_clustercheck_password}
mysql_cluster_name: {get_input: mysql_cluster_name}
mysql_bind_host: {get_input: mysql_network}
mysql_virtual_ip: {get_input: mysql_virtual_ip}
# Neutron
neutron::bind_host: {get_input: neutron_api_network}
neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}

34
puppet/services/database/mysql.yaml

@ -1,4 +1,4 @@
heat_template_version: 2016-04-08
heat_template_version: 2016-10-14
description: >
MySQL service deployment using puppet
@ -19,6 +19,21 @@ parameters:
description: Mapping of service endpoint -> protocol. Typically set
via parameter_defaults in the resource registry.
type: json
MysqlMaxConnections:
description: Configures MySQL max_connections config setting
type: number
default: 4096
MysqlRootPassword:
type: string
hidden: true
default: ''
MysqlClustercheckPassword:
type: string
hidden: true
EnableGalera:
default: true
description: Whether to use Galera instead of regular MariaDB.
type: boolean
outputs:
role_data:
@ -42,5 +57,22 @@ outputs:
- 4567
- 4568
- 9200
mysql_max_connections: {get_param: MysqlMaxConnections}
mysql::server::root_password:
yaql:
expression: $.data.passwords.where($ != '').first()
data:
passwords:
- {get_param: MysqlRootPassword}
- {get_param: [DefaultPasswords, mysql_root_password]}
mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
enable_galera: {get_param: EnableGalera}
# NOTE: bind IP is found in Heat replacing the network name with the
# local node IP for the given network; replacement examples
# (eg. for internal_api):
# internal_api -> IP
# internal_api_uri -> [IP]
# internal_api_subnet - > IP/CIDR
mysql_bind_host: {get_param: [ServiceNetMap, MysqlNetwork]}
step_config: |
include ::tripleo::profile::base::database::mysql

10
puppet/services/pacemaker/database/mysql.yaml

@ -20,11 +20,21 @@ parameters:
via parameter_defaults in the resource registry.
type: json
resources:
MysqlBase:
type: ../../database/mysql.yaml
properties:
ServiceNetMap: {get_param: ServiceNetMap}
DefaultPasswords: {get_param: DefaultPasswords}
EndpointMap: {get_param: EndpointMap}
outputs:
role_data:
description: Service MySQL with Pacemaker using composable services.
value:
service_name: mysql
config_settings:
get_attr: [MysqlBase, role_data, config_settings]
step_config: |
include ::tripleo::profile::pacemaker::database::mysql

Loading…
Cancel
Save